<!DOCTYPE html>
<title>Federated Credential Management API getUserInfo() tests.</title>
<link rel="help" href="https://fedidcg.github.io/FedCM">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>

<body>

<script type="module">
import {alt_manifest_origin,
        alt_request_options_with_mediation_required,
        fedcm_test,
        fedcm_get_and_select_first_account} from './support/fedcm-helper.sub.js';

async function createIframeWithPermissionPolicyAndWaitForMessage(test, iframeUrl) {
    const messageWatcher = new EventWatcher(test, window, "message");
    let iframe = document.createElement("iframe");
    iframe.src = iframeUrl;
    iframe.allow = "identity-credentials-get";
    document.body.appendChild(iframe);
    let message = null;
    // Ignore internal "testdriver-complete" messages.
    do {
        message = await messageWatcher.wait_for("message");
    } while (!("result" in message.data));
    return message.data;
}

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
  assert_equals(cred.token, "token");

  const iframe_in_idp_scope = `${alt_manifest_origin}/\
fedcm/support/fedcm/userinfo-iframe.html`;
  const message = await createIframeWithPermissionPolicyAndWaitForMessage(t, iframe_in_idp_scope);
  assert_equals(message.result, "Pass");
  assert_equals(message.numAccounts, 1);
  assert_equals(message.firstAccountEmail, "john_doe@idp.example");
  assert_equals(message.firstAccountName, "John Doe");
  assert_equals(message.firstAccountGivenName, "John");
  assert_equals(message.firstAccountPicture, "https://idp.example/profile/123");
}, 'Test basic User InFo API flow');

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
  assert_equals(cred.token, "token");

  const iframe_in_idp_scope = `support/fedcm/userinfo-iframe.html`;
  const message = await createIframeWithPermissionPolicyAndWaitForMessage(t, iframe_in_idp_scope);
  assert_equals(message.result, "Fail");
}, 'Test that User Info API only works when invoked from iframe that is same origin as the IDP');

fedcm_test(async t => {
  const cred = await fedcm_get_and_select_first_account(t, alt_request_options_with_mediation_required());
  assert_equals(cred.token, "token");

  const manifest_path = `${alt_manifest_origin}/\
fedcm/support/fedcm/manifest.py`;
  await promise_rejects_dom(t, 'InvalidStateError',
    IdentityProvider.getUserInfo({
      configURL: manifest_path,
      // Approved client
      clientId: '123',
    }))
}, 'Test that User Info API does not work in the top frame');

</script>
